

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.crypto.*;

/**
 * Servlet implementation class Login
 */
@WebServlet("/Login")
public class Login extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Login() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		HttpSession ses = request.getSession();
		if(ses == null){
			request.getRequestDispatcher(response.encodeURL("Login.jsp")).forward(request, response);
		}
		else {
			ses.invalidate();
			request.getRequestDispatcher(response.encodeURL("Login.jsp")).forward(request, response);
			
		}
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String email = request.getParameter("email");
		String password = request.getParameter("password");
		Database baza = null;
		try {
			baza = new Database();
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		baza.Select("*");
		baza.From("G_USER");
		baza.Where("EMAIL= ? ");
		PreparedStatement Vnes = null;
		try {
			Vnes = baza.SafeInput();
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		try {
			if(email!=""){
				Vnes.setString(1, email);
			} else {
				response.sendRedirect("SignUp");
				return;
			}
		} catch (SQLException e) {
			e.printStackTrace();
		}
		ResultSet rs = null;
		try {
			rs = Vnes.executeQuery();
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		try {
			if(!rs.isBeforeFirst()){
				response.sendRedirect("Login");
			} else {
				rs.next();
				String DBemail = rs.getString("EMAIL");
				String DBpassword = rs.getString("PASSWORD");
				String DBname = rs.getString("NAME");
				Integer DBUserID = rs.getInt("USER_ID");
				rs.close();
				HttpSession ses = request.getSession(true);
				if(BCrypt.checkpw(password, DBpassword)){
					ses.setAttribute("USER_ID", DBUserID);
					ses.setAttribute("USERNAME", DBname);
					ses.setAttribute("EMAIL", DBemail);
					response.sendRedirect("Overview");
				}
				else {
					response.sendRedirect("Login");
				}
				
				
			}
			
			
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
	}

}
